Remove stale ADFS WS-Fed web application

Yordan Yordanov 466 Reputation points
2022-09-28T08:02:42.18+00:00

I have an ADFS server farm that had 2 relying party trusts - one WS-Fed for Office 365 federation and another SAML-based. The Office 365 authentication was transitioned to managed authentication a long time ago, and now the sign-in page remains in ADFS. The problem is that it is cached in Google and some users try to sign in directly to the ADFS sign-in page, which of course returns an error. I want to remove the web app, but leave the ADFS farm operational as the other SAML relying party trust is still in use. How do I do this? Every article I found concerns connecting to Azure AD using PowerShell, converting the domain to standard and then decommissioning the servers, which is not what I want.

Active Directory Federation Services

2 answers

  1. Pierre Audonnet - MSFT 10,166 Reputation points Microsoft Employee
    2022-10-01T01:56:52.517+00:00

    What do you mean by "the sign-in page remains in ADFS"?


  2. Yordan Yordanov 466 Reputation points
    2022-10-01T11:41:06.34+00:00

    The ADFS sign-in page is cached in Google and if you click the link, it opens the username and password login form. If you try to log on, it returns an error since the federation trust does not exist anymore. This is a problem only if users try to find the service using the search engine. We migrated to pass-through authentication years ago, so this sign-in page is no longer needed, but I don't know how to remove it. ADFS is on Windows Server 2016.